Author Archives: Ravie Lakshmanan

Russian state-sponsored actors are continuing to strike Ukrainian entities with information-stealing malware as part of what’s suspected to be an espionage operation.
Symantec, a division of Broadcom Software, attributed the malicious campaign to a th… Continue reading Russian State Hackers Continue to Attack Ukrainian Entities with Infostealer Malware→

Popular end-to-end encrypted messaging service Signal on Monday disclosed the cyberattack aimed at Twilio earlier this month may have exposed the phone numbers of roughly 1,900 users.
“For about 1,900 users, an attacker could have attempted to re-regi… Continue reading Nearly 1,900 Signal Messenger Accounts Potentially Compromised in Twilio Hack→

The SOVA Android banking trojan is continuing to be actively developed with upgraded capabilities to target no less than 200 mobile applications, including banking apps and crypto exchanges and wallets, up from 90 apps when it started out.
That’s acco… Continue reading SOVA Android Banking Trojan Returns With New Capabilities and Targets→

A now-removed rogue package pushed to the official third-party software repository for Python has been found to deploy cryptominers on Linux systems.
The module, named “secretslib” and downloaded 93 times prior to its deletion, was released to the Pyt… Continue reading Newly Uncovered PyPI Package Drops Fileless Cryptominer to Linux Systems→

Dutch authorities on Friday announced the arrest of a software developer in Amsterdam who is alleged to be working for Tornado Cash, days after the U.S. sanctioned the decentralized crypto mixing service.
The 29-year-old individual is “suspected of in… Continue reading Tornado Cash Developer Arrested After U.S. Sanctions the Cryptocurrency Mixer→

A pair of reports from cybersecurity firms SEKOIA and Trend Micro sheds light on a new campaign undertaken by a Chinese threat actor named Lucky Mouse that involves leveraging a trojanized version of a cross-platform messaging app to backdoor systems…. Continue reading Chinese Hackers Backdoored MiMi Chat App to Target Windows, Linux, macOS Users→

A security feature bypass vulnerability has been uncovered in three signed third-party Unified Extensible Firmware Interface (UEFI) boot loaders that allow bypass of the UEFI Secure Boot feature.
“These vulnerabilities can be exploited by mounting the… Continue reading Researchers Uncover UEFI Secure Boot Bypass in 3 Microsoft Signed Boot Loaders→

Security flaws have been identified in Xiaomi Redmi Note 9T and Redmi Note 11 models, which could be exploited to disable the mobile payment mechanism and even forge transactions via a rogue Android app installed on the devices.
Check Point said it fo… Continue reading Xiaomi Phones with MediaTek Chips Found Vulnerable to Forged Payments→

Social media company Meta said it will begin testing end-to-end encryption (E2EE) on its Messenger platform this week for select users as the default option, as the company continues to slowly add security layers to its various chat services.
“If you’… Continue reading Facebook Testing Default End-to-End Encryption and Encrypted Backups in Messenger→

The U.S. State Department on Thursday announced a $10 million reward for information related to five individuals associated with the Conti ransomware group.
The reward offer is also notable for the fact that it marks the first time the face of a Conti… Continue reading U.S. Government Offers $10 Million Reward for Information on Conti Ransomware Gang→